On Mon, 2005-10-03 at 21:26 -0500, Ryan wrote:
> On Monday 03 October 2005 05:02 pm, Craig White wrote:
> > What Windows does has nothing to do with Unix/Linux.
>> Ok, but a fair comparison is a Windows admin who logs on as 'administrator'
> and a Linux admin who logs on as 'root'.
>> While the two OS's are very different, the end result of logging on as root is
> very similar.
----
If you merely call root on Linux, Administrator on Windows both
'superusers' the identification is much the same. The difference is, any
Linux distribution worth it's salt will give you methods to access
superuser privileges from a normal login whereas you have to have
Administrator privileges to do superuser tasks on Windows. There is a
big distinction. If you need to download say a print driver, you are
using a web browser as a normal user in Linux and as superuser in
Windows.
----
>>> >Debian (and things like Ubuntu) have it right.
>> I disagree entirely. So long as the user is displayed a warning indicating
> that its a bad idea to do so, I see nothing wrong with allowing a user to
> control their own system.
----
OK - it's your machine, your call
----
>> > It's really a poor idea.
>> Ok, I have to ask. If I log in to machine *not connected to any network*, and
> I am doing admin tasks, what danger do I run that I wouldn't if I run as root
> from a terminal on a limited account?
----
you may have already downloaded some malicious code in a web browser
plugin, java applet or ??? that doesn't get executed until you fire up
the root account and use a web browser. Just the first idea that comes
to my mind...I'm not gonna spend a lot of time thinking about the what
ifs.
----
>> The Debian distros (Ubuntu, Mepis) sudo setup is way more complicated than
> necessary - it offers no more protection with significantly more headaches.
> Nothing is as pointless as forcing a user to use sudo to run a compiler.
>> If I want an "admin" account and a "root" account I'll go burn my money on a
> mac. :-)
----
Mac's are as bad as Windows - making everyone a superuser by default.
These guys aren't at all concerned with security - only ease of use.
Don't get me started on OSX - it's OT on this list anyway.
Craig
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.